Politics & Government
Contact Tracing Data For 72K In PA May Have Been Exposed: State
The personal healthcare information of up to 72,000 Pennsylvanians may have been exposed through a security breach with an outside firm.
PENNSYLVANIA — The Department of Health is investigating after the personal healthcare information of at least 72,000 Pennsylvanians may have been exposed through the security lapse of a third-party vendor, officials said.
Amid the height of the pandemic in 2020, the state contracted with an Atlanta-based firm, Insight Global, to assist in contact tracing. This firm disregarded established security protocols by creating unauthorized copies of documents containing sensitive personal healthcare information, a spokesperson for the state told Patch Thursday. These copies were outside of the secure servers set up by the state.
"We are extremely dismayed that employees from Insight Global acted in a way that may have compromised this type of information and sincerely apologize to all impacted individuals," said Barry Ciccocioppo the Communications Director for the Department of Health.
Find out what's happening in Abingtonfor free with the latest updates from Patch.
Some officials reacted with shock to the news.
"Unreal," State Rep. Chris Quinn said, after the news broke.
Find out what's happening in Abingtonfor free with the latest updates from Patch.
Patch has reached out to Insight Global for comment on this story. They did not immediately respond.
The Pittsburgh-based news outlet WXPI first reported the potential breach Thursday morning, when a reporter there said he was able to access some of the documents.
The documents exposed contained personal and healthcare information like phone numbers, email addresses, ages, genders, sexual orientations, and COVID diagnoses.
The state says that the compromised information did not include any financial information, social security numbers, or home addresses.
Insight Global is working with IT security experts to investigate the situation and determine all individuals who may have had information compromised. The company will notify those individuals directly, the state says. Anyone concerned they may have had their data compromised can call a hotline, 1-855-535-1787, beginning on Friday at 1 p.m. It will be staffed from 9 a.m. to 9 p.m. on weekdays after that.
Ciccocioppo added that the Department of Health will not renew its contract with the company when it expires on July 31.
This is a breaking story. More information will be provided as it becomes available.
Get more local news delivered straight to your inbox. Sign up for free Patch newsletters and alerts.